('binary' encoding is not supported, stored as-is) In-Reply-To: <20030326022821.48e4e54f.negativeat_private> >From: Jim Geovedi <negativeat_private> >To: bugtraqat_private >Subject: Re: PHPNuke viewpage.php allows Remote File retrieving >Message-Id: <20030326022821.48e4e54f.negativeat_private> >In-Reply-To: <3E8098FE.3070808@war-ensemble.com> >References: <20030325163207.13063.qmailat_private> > <3E8098FE.3070808@war-ensemble.com> >Organization: Will Work For Bandwidth, Inc. >X-Mailer: Superunknown. >Mime-Version: 1.0 >Content-Type: text/plain; charset=US-ASCII >Content-Transfer-Encoding: 7bit > >On Tue, 25 Mar 2003 11:59:26 -0600 DaiTengu wrote: >> > viewpage.php is a part of PHPNuke. >> > The Script allows an attacker to view all files on the System. >> > >> > Example: >> > >> > http://server.com/viewpage.php?file=/etc/passwd >> >> umm, what version of phpNuke is vulnerable to this? as far as I'm >> aware, there has not been any viewpage.php since before 5.0... >> >> I beleive this was reported then as well. >> reguardless, this is not true with 6.0 > >it's repeatable on PHP-Nuke 6.5. > >-- > Jim Geovedi <negativeat_private> > I have the vanilla 6.5 and there is no viewpage.php file in the package that I can find. Are you sure that this isn't in an addon? Or possibly left over from a previous version that was never cleared out when phpnuke was updated?
This archive was generated by hypermail 2b30 : Wed Mar 26 2003 - 11:40:24 PST